Brussels, 3 May 2024
Statement by the North Atlantic Council concerning malicious cyber activities against Germany and Czechia
We stand in solidarity with Germany following the malicious cyber campaign against a political party, in this case the Social Democratic Party of Germany, and with Czechia following the malicious cyber activities against its institutions.
Allies recognize that Germany and Czechia have attributed the responsibility of the malicious cyber activities in their respective countries to the threat actor APT28 sponsored by the Russian Federation, specifically the Russian General Staff Main Intelligence Directorate (GRU). Allies also note with concern that the same threat actor targeted other national governmental entities, critical infrastructure operators and other entities across the Alliance, including in Lithuania, Poland, Slovakia and Sweden.
We strongly condemn malicious cyber activities intended to undermine our democratic institutions, national security and free society.
The malicious cyber activities targeting Germany and Czechia underscore that cyberspace is contested at all times. Cyber threat actors persistently seek to destabilize the Alliance.
We remain committed to countering the substantial, continuous and increasing cyber threat, including to our democratic systems and our critical infrastructure. We are determined to employ the necessary capabilities in order to deter, defend against and counter the full spectrum of cyber threats to support each other, including by considering coordinated responses.
We promote a free, open, peaceful and secure cyberspace. We call on all States, including Russia, to respect their international obligations and commitments to uphold international law and act within the framework for responsible state behavior in cyberspace as affirmed by all members of the United Nations.
Source – NATO (via email)
Statement bei EU HR Borrell on Russia’s cyberattacks
The European Union and its Member States, together with international partners, strongly condemn the malicious cyber campaign conducted by the Russia-controlled Advanced Persistent Threat Actor 28 (APT28) against Germany and Czechia.
Today, Germany has shared publicly its assessment on APT28 compromise of various e-mail accounts of the German Social Democratic Party executive. At the same time, Czechia announced its institutions have been a target of this cyber campaign. State institutions, agencies and entities in Member States, including in Poland, Lithuania, Slovakia and Sweden have been targeted by the same threat actor before. In 2020, the EU imposed sanctions on individuals and entities responsible for the APT28 attacks targeting the German Federal Parliament in 2015.
The malicious cyber campaign shows Russia’s continuous pattern of irresponsible behaviour in cyberspace, by targeting democratic institutions, government entities and critical infrastructure providers across the European Union and beyond.
This type of behaviour is contrary to the UN norms of responsible state behaviour in cyberspace, such as impairing the use and operation of critical infrastructure. Disregarding international security and stability, Russia has repeatedly leveraged APT28 to conduct malicious cyber activities against the EU, its Member States and international partners, most notably Ukraine.
The EU will not tolerate such malicious behaviour, particularly activities that aim to degrade our critical infrastructure, weaken societal cohesion and influence democratic processes, mindful of this year’s elections in the EU and in more than 60 countries around the world. The EU and its Member States will continue to cooperate with our international partners to promote an open, free, stable and secure cyberspace.
The EU is determined to make use of the full spectrum of measures to prevent, deter and respond to Russia’s malicious behaviour in cyberspace.
Source – EU Council
Auswärtiges Amt zum Hackerangriff auf den Deutschen Bundestag
Die Sprecherin des Auswärtigen Amts erklärte heute (28.05.):
Der Staatssekretär des Auswärtigen Amts, Miguel Berger, hat heute den Botschafter der Russischen Föderation, Herrn Sergej J. Netschajew, zu einem Gespräch in das Auswärtige Amt geladen. Im Namen der Bundesregierung verurteilte er den Hackerangriff auf den Deutschen Bundestag auf das Schärfste.
Dem russischen Botschafter wurde unter Verweis auf den vom Ermittlungsrichter des Bundesgerichtshofs auf Antrag der Bundesanwaltschaft am 29. April 2020 ausgestellten Haftbefehl gegen den russischen Staatsangehörigen Dmitrij Badin mitgeteilt, dass sich die Bundesregierung in Brüssel für die Nutzung des EU-Cybersanktionsregimes gegen Verantwortliche für den Angriff auf den Deutschen Bundestag, darunter auch Herrn Badin, einsetzen wird.
Die Ausstellung des Haftbefehls gegen Herrn Badin erfolgte aufgrund des dringenden Tatverdachts, dass der Beschuldigte gemeinschaftlich handelnd mit bislang namentlich nicht bekannten weiteren Personen für den Geheimdienst einer fremden Macht eine geheimdienstliche Tätigkeit gegen die Bundesrepublik Deutschland ausgeübt hat. Der Beschuldigte gilt als dringend verdächtig, als Mitglied der Gruppe APT28 für den Hackerangriff auf den Deutschen Bundestag im April/ Mai 2015 verantwortlich zu sein. Es liegen belastbare Hinweise vor, dass er zum Zeitpunkt des Angriffs dem Militärischen Geheimdienst GRU angehört hat.
Die Bundesregierung bewertet diesen Vorgang auch vor dem Hintergrund der laufenden Ermittlung im sogenannten Tiergarten-Mordfall und behält sich weitere Maßnahmen ausdrücklich vor.
Quelle: Auswärtiges Amt zum Hackerangriff auf den Deutschen Bundestag